FTPS server certificate errors

I’ve seen the older posts about this issue when trying to use FTPS and the website is on shared hosting. Basically, what is happening is I get the certificate error below whenever I try to use FTPS.

Ticking explicit seems to have no effect.

This also happens whether I use the default ‘root’ account for my hosting or an FTP account I have specifically created for WD FTP purposes. I’ve also checked that it is not a pathing / remote directory issue. In fact, what happens is all the files get created on the FTP server, but due to the certificate error they are all 0 byte empty files.

When I use the same credentials with Filezilla I also get the certificate error, but Filezilla allows me to accept and override that certificate error. I don’t see any options to tell WD to allow the same kind of override, though?

error verifying server certificate: 0x800b010f
FTP error occured
OU=Domain Control Validated, OU="Hosted by HostGator.com, LLC.", OU=PositiveSSL 
Wildcard, CN=*.hostgator.com C=GB, S=Greater Manchester, L=Salford, O=COMODO 
CA Limited, CN=COMODO RSA Domain Validation Secure Server CA [0x800b010f] The 
certificate's CN name does not match the passed value.
Negotiated SSL parameters: Protocol: TLS1.2 Cipher: AES Cipher strength: 128 Hash: 
SHA256 Hash strength: 0 Key exchange: DH Ephemeral Key exchange strength: 2048 

Are you sure you need FTPS and not SFTP?

You may need to use a different port number too (i.e. 22), especially if using SFTP.

I can only use SFTP if I use the master / root account for my hosting company - they don’t allow SFTP on any custom created FTP accounts. Also, I’m not really keen on keeping that master account/pass stored in WD as the passwords are stored in cleartext in the registry and FTP registry backup files. Honestly, just as a point of security, I really don’t like using the master password/account for something as trivial as uploading the WD files.

It does work via SFTP, that’s just not my preference. It also works if I use regular FTP, but I’d really prefer to use FTPS.

Is it possible to use FTPS in my scenario or is that just a function/feature that is not an option in my situation with using a shared hosting account?

I don’t recall any limits on using SFTP/FTPS on my shared hosting account, but yours may well be different. Can you confirm with the host that FTPS is supposed to work in that situation? I just posted the question because I have previously seen the scenario of a user needing SFTP but trying unsuccessfully to use FTPS.

Hostgator definitely limits SFTP to only the root/master cpanel login credentials. I can’t say who else does that, but I would suspect that it’s a method some of the other bigger hosting companies employ.

FTPS definitely works, but it throws the certificate error which I can manually accept and store for future sessions with clients like Filezilla. So FTPS with my host and Filezilla is working. It’s the issue that the FTP for WD doesn’t seem to have the option or ability to manually override / exclude / store the certificate.

There’s not much to ask the hosting company. I am 99% sure their answer is going to be, “You are on a shared server so the certificate is going to be hostgator and not your domain. If you want that feature, you would need to upgrade to dedicated / vps hosting.” I’ve had similar discussions with them about these kinds of things in the past.

Any further thoughts on being able to use the FTPS option in my situation or do I just have to stick with SFTP or plain FTP?

I would need to be able to test here with your FTP server

Brian,
After hosting company enforced explicit FTPS over TLS, I updated WD from build 84 to 104. I can connect to the server via Filezilla, but although WD appears to connect, I’m getting the same symptoms as winedog (error 0x0800b0101f and 0-byte clientraw.txt files). Dialog below comes from WD FTP Log.


error verifying server certificate: 0x800b010f
FTP error occured
OU=Domain Control Validated, CN=*.servers.prgn.misp.co.uk C=US, S=Arizona,
L=Scottsdale, O=“GoDaddy.com, Inc.”, OU=http://certs.godaddy.com/repository/,
CN=Go Daddy Secure Certificate Authority - G2 [0x800b010f] The certificate’s CN
name does not match the passed value.
Negotiated SSL parameters: Protocol: TLS1.2 Cipher: AES Cipher strength: 128 Hash:
SHA256 Hash strength: 0 Key exchange: DH Ephemeral Key exchange strength: 2048
OK
Connected.


I have tried reinstalling WD several times (as per your earlier suggestion to another sufferer) but it has not fixed the problem.

Are you able to suggest a way forward?

the best thing is to email me your ftp settings

Same problem for me

the ftplog would help…

Here’s the log file… all files zero length

FTPUPD.EXE started at 5:45 pm 01/14/20
agenda items to do…
doupload
Files to upload*
Local files: C:\weather\wdisplay\webfiles\Lochwinnoch.htm
Local files: C:\weather\wdisplay\webfiles\Lochwinnochdial.gif
Local files: C:\weather\wdisplay\webfiles\cloudheight.gif
Local files: C:\weather\wdisplay\webfiles\moondetail1.gif
Local files: C:\weather\wdisplay\webfiles\moondetail2.gif
Local files: C:\weather\wdisplay\webfiles\Lochwinnoch.gif
Local files: C:\weather\wdisplay\webfiles\dailyhighlowbaroetc.gif
Local files: C:\weather\wdisplay\webfiles\summary.gif
Local files: C:\weather\wdisplay\webfiles\realtimegraph2.gif
Local files: C:\weather\wdisplay\webfiles\forecasticon.gif
Local files: C:\weather\wdisplay\webfiles\forecasticonstation.gif
Remote files: Lochwinnoch.htm
Remote files: Lochwinnochdial.gif
Remote files: cloudheight.gif
Remote files: moondetail1.gif
Remote files: moondetail2.gif
Remote files: Lochwinnoch.gif
Remote files: dailyhighlowbaroetc.gif
Remote files: summary.gif
Remote files: realtimegraph2.gif
Remote files: forecasticon.gif
Remote files: forecasticonstation.gif
Error error verifying server certificate: 0x800b010f with FTP transfer
Error occured at:17:45:11 14/01/2020
list of files uploaded*

FTPUPD.EXE finished at 17:45:14 14/01/2020
Time taken = 0.10 minutes
Total bytes uploaded = 0 K
Total bytes uploaded for the day = 0.00 Mb
Total bytes uploaded for the month = 530.49 Mb

that looks like the ftplog.txt
what shows in the ftplogfull.txt file?
if you could email me your ftp settings then I will test here

I am working with the author of the FTP component I use; hopefully will get it fixed. Have made a bit of progress: now it stops on trying to do the upload (which is different to being disconnected) after a setting change to force to use SSH 1.2 (was not on by default).

Sounds similar to my recent issues; see ftplogfull as attached, part of which is below. Problems started in Sept/October 2019, I think.

list of files uploaded*

Uploading C:\wdisplay\webfiles\CharlburyWeather.gif → CharlburyWeather.gif
Uploading C:\wdisplay\webfiles\summary.gif → summary.gif
Uploading C:\wdisplay\webfiles\jpgwebcam.jpg → jpgwebcam.jpg
Uploading C:\wdisplay\webfiles\jpgwebcam.gif → jpgwebcam.gif
actual messages from upload session*
Start Time/date:15:30:16 20/01/2020
Permanent connection selected
Permanent connection, will do ftp now
Finshed email agenda
Finshed email agenda, and more Internet agenda items to do…
Weather Display FTP/Internet vers 9.06
Time/date:15:30:18 20/01/2020
Logging onto FTP server…ftp.dora.abelgratis.com
Connecting to FTP server.
OK
Connected.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 15:30. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.
Starting secure channel handshake.
Enabling TLS versions: TLS1.2 TLS1.1 TLS1.0
Cipher Suites:
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 (0x002a);
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c);
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b);
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030);
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f);
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f);
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e);
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024);
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023);
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028);
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027);
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a);
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009);
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014);
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013);
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d);
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c);
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d);
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c);
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035);
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Sending 179 bytes of handshake data.
Receiving 1448 bytes of handshake data.
Receiving 2048 bytes of handshake data.
Receiving 600 bytes of handshake data.
Receiving 894 bytes of handshake data.
Sending 126 handshake bytes.
Receiving 258 bytes of handshake data.
error verifying server certificate: 0x800b010f
FTP error occured
OU=Domain Control Validated, OU=PositiveSSL, CN=web1-abel.dedicated-solution.com
C=US, S=TX, L=Houston, O=“cPanel, Inc.”, CN=“cPanel, Inc. Certification Authority”
[0x800b010f] The certificate’s CN name does not match the passed value.
Negotiated SSL parameters: Protocol: TLS1.2 Cipher: AES Cipher strength: 256 Hash:
SHA384 Hash strength: 0 Key exchange: ECDH Ephemeral RSA Key exchange
strength: 256
OK
Connected.
USER=****
331 User doraabe OK. Password required
PASSWORD=****
230 OK. Current restricted directory is /
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to “private”
TYPE I
200 TYPE is now 8-bit binary
Change to remote Dir /public_html/assets-2
CWD /public_html/assets-2
250 OK. Current directory is /public_html/assets-2
Checking for next FTP agenda…
there are 1 more things to do
Doing ftp upload
Checking there are files to upload
There are more files to upload
PASV
227 Entering Passive Mode (84,18,201,18,138,9)
[DI] Attempting to connect to server.
STOR CharlburyWeather.gif
[DI] Socket connection established.
[DI] Starting secure channel handshake.
[DI] Enabling TLS versions: TLS1.2 TLS1.1 TLS1.0
[DI] Cipher Suites:
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 (0x002a);
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c);
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b);
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030);
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f);
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f);
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e);
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024);
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023);
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028);
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027);
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a);
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009);
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014);
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013);
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d);
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c);
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d);
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c);
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035);
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
[DI] Sending 179 bytes of handshake data.
150 Accepted data connection
[DI] Receiving 2048 bytes of handshake data.
[DI] Receiving 2048 bytes of handshake data.
[DI] Receiving 894 bytes of handshake data.
[DI] Sending 126 handshake bytes.
[DI] Receiving 258 bytes of handshake data.
[DI] Negotiated SSL parameters: Protocol: TLS1.2 Cipher: AES Cipher strength: 256
Hash: SHA384 Hash strength: 0 Key exchange: ECDH Ephemeral RSA Key exchange
strength: 256
OK
OK
Disconnected.
301: Timeout.
Connecting to FTP server.
OK
Connected.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 15:30. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.


ftplogfull 20012020 1530hrs.txt (21 KB)
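
The 0x800b010f error in the logs above is a name check: the hostname typed into the FTP settings is compared with the name on the server certificate. The following is an added example, not part of the original posts or of Weather Display; it reads an ftplogfull-style excerpt and reports the two names side by side. It assumes the first `CN=` after the error line is the server certificate and the second is the issuing CA; `server123.hostgator.com` in the note below is a constructed placeholder.

```python
import re

# Constructed sample, shaped like the ftplogfull excerpt quoted above.
SAMPLE_LOG = """\
Logging onto FTP server…ftp.dora.abelgratis.com
error verifying server certificate: 0x800b010f
OU=Domain Control Validated, OU=PositiveSSL, CN=web1-abel.dedicated-solution.com
C=US, S=TX, L=Houston, O="cPanel, Inc.", CN="cPanel, Inc. Certification Authority"
[0x800b010f] The certificate's CN name does not match the passed value.
"""


def name_matches(pattern, host):
    """Certificate-name match: '*' is only valid as the whole left-most
    label and stands for exactly one label (RFC 6125 style)."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse over-broad wildcards such as '*.com'.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def diagnose(log_text):
    """Return the hostname the client used, the certificate CN from the log,
    and whether they match. Returns None if either is missing.
    Only the CN is checked because that is all the log prints; a live
    client would also consult the subjectAltName entries."""
    host = re.search(r"Logging onto FTP server\W*([A-Za-z0-9.-]+)", log_text)
    # Assumption: the first CN= after the error line is the server
    # certificate's subject; the later CN= belongs to the issuing CA.
    cn = re.search(r"error verifying server certificate.*?CN=([^\s,]+)",
                   log_text, re.S)
    if not host or not cn:
        return None
    return {
        "host": host.group(1),
        "cert_cn": cn.group(1),
        "match": name_matches(cn.group(1), host.group(1)),
    }


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

A hostname that the certificate does cover, such as the shared server's own name under the wildcard (for example the placeholder `server123.hostgator.com` against `*.hostgator.com`), passes the same check without turning verification off.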

One solution that has been suggested is to configure the server so that it does not require TLS session re-use.